package cn.group.realm;

import cn.group.domain.Permission;
import cn.group.domain.Role;
import cn.group.domain.Student;
import cn.group.domain.User;
import cn.group.service.RoleService;
import cn.group.service.StudentService;
import cn.group.shiro.token.CustomizedToken;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

public class StudentRealm extends AuthorizingRealm {

    private StudentService studentService;
    private RoleService roleService;

    @Autowired
    public void setStudentService(StudentService studentService,RoleService roleService) {
        this.studentService = studentService;
        this.roleService = roleService;
    }

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        Object primaryPrincipal = principals.getPrimaryPrincipal();
        //System.out.println("当前用户名"+primaryPrincipal);
        Session session = SecurityUtils.getSubject().getSession();
        User user = (User) session.getAttribute("user");
        //System.out.println("当前用户"+user);
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        Set<String> roles = new HashSet<>();
        roles.add(user.getRole().getKeyword());
        //System.out.println("拥有角色："+roles);
        info.setRoles(roles);
        Role role = roleService.queryRoleById(user.getRole().getId());
        List<Permission> permissionList = role.getPermissionList();
        System.out.println("所有权限:"+permissionList);
        for (Permission permission : permissionList) {
            info.addStringPermission(permission.getUrl());
        }

        return info;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        //System.out.println("学生登陆验证");
        // 1. 把AuthenticationToken转换为CustomizedToken
        CustomizedToken customizedToken = (CustomizedToken) token;
        // 2. 从CustomizedToken中获取username
        String username = customizedToken.getUsername();
        //数据库中根据用户名查询学生用户信息
        Student student = studentService.queryByUsername(username);
        //System.out.println("获得的登陆者："+student);
        if(student == null){
            //学生为空，表明数据库中没有该用户
            throw new UnknownAccountException();
        }
        //获取安全管理中的session对象
        Session session = SecurityUtils.getSubject().getSession();
        //将获得的学生用户对象放入session域中
        session.setAttribute("user",student);
        //获取学生用户的密码
        String password = student.getPassword();
        //进行账号密码认证
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(username, password, "123");
        return info;
    }
}
